<?PHP
include("../../interface/util/db/DBUtil.php");
$userName=$_REQUEST["_login_user_name"];
$password=$_REQUEST["_login_password"];
$passwordEncry=md5($userName.$password);
$conn=getConnection();
mysql_query("set names UTF-8");
$strQuery = "select * from op_user where user_name='".$userName."'";
$result = mysql_query($strQuery) or die(mysql_error());
$locationURL="../../login.php";
if($result){
    if(mysql_num_rows($result)==0){
      $locationURL="../../login.php?isSucc=0";
    }    
    while($ors = mysql_fetch_array($result)) {
	    if($passwordEncry==$ors["password"]){
	      $locationURL="../../main.php";
        session_start(); 
        $_SESSION['userId']=$ors["user_id"];
        $_SESSION['userName']=$ors["user_name"];
        $_SESSION['realName']=$ors["real_name"];
        $_SESSION['nickName']=$ors["nick_name"];
        $_SESSION['userLevel']=$ors["level"]; 
	    }else{		  
        $locationURL="../../login.php?isSucc=0";
      }
    }
}else{
    $locationURL="../../login.php?isSucc=0";
}
mysql_close($link);
header("Location: ".$locationURL);
?>